CVE-2021-43778 Scanner
Detects 'Path Traversal' vulnerability in pluginsGLPI barcode affects v. from 2.x prior to 2.6.1.
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
1 month 1 day
Scan only one
URL
Toolbox
-
GLPI Barcode plugin is a useful tool designed for printing barcodes and QR codes. This plugin is used in GLPI instances version 2.x. Its multiple features make the barcode management process streamlined and efficient. The barcodes are extremely important for product identification and inventory management. The plugin makes it easier for individuals and organizations to keep track of their assets, saving them valuable time and minimizing the likelihood of error.
CVE-2021-43778 vulnerability has been detected in the GLPI Barcode plugin. This vulnerability specifically targets version 2.x prior to version 2.6.1. The vulnerability allows an attacker to exploit a path traversal vulnerability in the system. Path traversal is a technique that allows attackers to gain unauthorized access to directories. In the GLPI Barcode plugin, the vulnerability is present in the send.php file. This file can be exploited by attackers to gain unauthorized access to sensitive information.
When exploited, this vulnerability can lead to serious consequences. Attackers can gain access to sensitive information, such as customer data, product information, and financial data. The attacker can also inject malware and scripts in the system, giving them access to unauthorized control over the system. This can result in loss of data, system downtime, and financial loss.
By using the pro features of the s4e.io platform, users can easily and quickly learn about vulnerabilities in their digital assets. This platform provides a comprehensive vulnerability assessment that helps identify vulnerabilities on the system. Users can also access detailed reports based on their individual needs. The platform helps users to stay secure with minimal effort and minimal risk of exposure. It is the perfect solution for organizations that require an easy, cost-effective, and reliable way to maintain their security posture.
REFERENCES
- https://github.com/hansmach1ne/MyExploits/tree/main/Path%20Traversal%20in%20GLPI%20Barcode%20plugin
- https://github.com/pluginsGLPI/barcode/commit/428c3d9adfb446e8492b1c2b7affb3d34072ff46
- https://github.com/pluginsGLPI/barcode/releases/tag/2.6.1
- https://github.com/pluginsGLPI/barcode/security/advisories/GHSA-2pjh-h828-wcw9
